Slashdot Mirror


Enhanced Carnivore To Crack Encryption Via Virus

suqur writes: "MSNBC has a story about a new Carnivore feature, dubbed 'Magic Lantern,' which arrives on a victim's computer in the form of a virus through email or well-known vulnerabilities. Magic Lantern uses keylogging to extract keys typed in, and sends them off to the FBI. This is similar to a story reported on previously, but taken one step further, allowing computers to be compromised remotely."

22 of 522 comments

  1. In other news... by Violet+Null · · Score: 5, Funny

    In other news today, the FBI was arrested en masse for violating numerous newly legislated anti-terrorist laws prohibiting compromising remote computers...

  2. This only works if.... by intensity · · Score: 5, Funny

    a) The FBI kicks in your door and installs Outlook

    b) You always open email with the subject "Snow White and the 7 FBI Agents"

    c) You run the attachment called "FBILOVESYOU.VBS" (and you run Windows, Outlook, etc)

    Blah, dumb communist FBI

    --
    Abuse my rationalization of rhetoric as either metaphor or monotomy.
    1. Re:This only works if.... by Yottabyte84 · · Score: 2, Funny

      I relive you're trying to be funny but I'm a paranoid bastard.

      Here are points of trouble for feds on my box.

      1) I get email from them, and not running Windows, and having a client that doesn't display html and thus javascript the bugger withers and dies in /dev/null.

      2) They install a hardware keylogger! I notice it later when plugging in my joystick. I melt and crush it.

      3) They attempt to install a keylogging program. Screensaver password thwarts them.

      4) They reboot my box to bypass screensaver, and meet a BIOS boot password. They bypass it.

      5) They meet a LILO password prompt! They get a boot disk.

      6) Oh DAMN their boot disk doesn't support ReiserFS

      7) They get a ReiserFS boot disk. Oh darn, /usr, /etc, /home, /lib, /sbin, and /bin are all on encrypted loopbacks.

      8) Since I've started taking my keyboard to work after finding the keylogger they angrily give up on getting at my massive pr0n stash.

  3. Way to go, FBI! by fobbman · · Score: 5, Funny

    Thanks to the FBI, a whole new market is now being pushed into exploring the world of alternative operating systems.

    Talk about a boon to the Open Source movement! Show the people (not just the bad guys) that Microsoft's numerous vulnerabilities can be used by Big Brother to monitor them. I can't think of a better way to boost Linux distro sales.

  4. DMCA violation? by Anonymous Coward · · Score: 5, Funny

    The first thing that comes to mind is a flagrant violation of the DMCA.
    How does the government expect to work around this one? There are so many things that can go wrong...

    1. Probably OS-dependent. Remember: virii for one platform (i.e., Win) will probably not work for others. That was not hard to get around.

    2. Human link involved. This virus will presumably be propagated via email, or some other form of trojan. Those who tend to use encryption tend to block this type of thing from happening to their machine anyway. Yet another reason not to open email/attachments from an addresser named "CIA" :P. That was easy to get around.

    3. Network link involved. Those who use encryption are usually savvy enough to detect extra packets flying from their machine to some unknown address, which would easily be identified in a reverse-lookup.

    My goodness, they are getting desperate, aren't they.

  5. Virus Email by mESSDan · · Score: 5, Funny
    The virus can be sent to the suspect via e-mail -- perhaps sent for the FBI by a trusted friend or relative. The FBI can also use common vulnerabilities to break into a suspect's computer and insert Magic Lantern, the source said.
    Email Template:

    From: Bill@Slashdot.org
    To: Fred@Slashdot.org

    Subject: Magic Lantern.doc.pif

    Hi! How are you?

    I send you this file in order to have your advice.

    See you later. Thanks
    --

    -- Dan
  6. Re:Encryption program name by mikeee · · Score: 5, Funny

    Better yet, rename it 'Quake', so you'll get better 3D acceleration for your PGP.

  7. You have got to be kidding. by Elwood+P+Dowd · · Score: 5, Funny
    I'm sure that this is (-1, Redundant) by now, but...

    Are there any cases involving damage done to personal property in eavesdropping operations? That is, legal taps? Any lawyers here? I gotta imagine that this would be a very very dangerous thing for the government to get into. Not only could it cause damage to personal property, but if the suspect is smart enough to encrypt their stuff, they're going to be smart enough to know when they've been h4x0red by an email virus.

    This story makes a lot more sense if you remove every reference to "our sources" and replace it with "my little brother."
    "The FBI is developing software capable of inserting a computer virus onto a suspect's machine and obtaining encryption keys, my little brother told MSNBC.com."
    I believe *that*.
    --

    There are no trails. There are no trees out here.
  8. Just another thing to keep in mind during coding.. by Omega · · Score: 2, Funny

    Note to self: build auto-gpg-encryption into xP.

  9. Re:Encryption Security by Anonymous Coward · · Score: 1, Funny

    Don't forget that it'd better be on a machine that you wrote the BIOS for. Also in a faraday cage, powered by batteries.

  10. I've got no problem with this... by MrResistor · · Score: 4, Funny
    ...as long as it requires a warrant before it can be used.

    Of course, anyone who would be vulnerable to this is either a moron or doesn't feel that they have anything to hide, so it seems kind of pointless.

    Of course, the truly paranoid communicate with their computer using morse code with their space bar and scroll lock LED. I can see it now:

    Head of Investigation: "What have we got from the J Random Hacker log file?"

    Computer Specialist: "84,365,928 spaces, sir"

    --
    Under capitalism man exploits man. Under communism it's the other way around.
  11. Don't rename it Quake! by roystgnr · · Score: 5, Funny

    After it's renamed and loaded with the ATI drivers, PGP will encrypt things twice as fast, but side-by-side inspection will reveal its algorithm to have switched to XOR.

  12. Re:AV software. by xsbellx · · Score: 2, Funny

    "It obviously couldn't be cross-platform either."

    Kind of makes one pine for elm.

    --
    If VISTA is the answer, you didn't understand the question
  13. They sent it to me! by camusflage · · Score: 5, Funny

    I received an email with the subject "Good Times", and I opened it. My browser popped open, and sent me to a site that had the headline, "See what really happens 'behind closed doors' when John Ashcroft and George Bush get together." My firewall picked up something weird, but I don't know anything about that, because I was already getting ready to format my disk.

    --
    The truth about Scientology, Xenu, and you: Operation Clambake
  14. /. by BlueArchon · · Score: 2, Funny

    Quick! Everyone install this trojan and start typing as much as possible... Maybe we can /. the carnivore box :)

  15. What the E-mail contains ... by rlp · · Score: 2, Funny
    Robert Mueller is seven years old and suffering from terminal cancer. It is his ambition to be included in the Guinness Book of Records for the largest number of criminal syndicate / terrorist passwords and secret communications. Robert would be grateful if you could send your passwords and secret messages to the address below and also send the enclosed pages, including one of your own, to another ten terrorist organizations or criminal syndicates.
    Obviously, speed is of the essence ...


    (Note: for background info on this net meme - look here.)

    --
    [Insert pithy quote here]
  16. Hmmm by Legion303 · · Score: 2, Funny
    legion@legion:~$ elm

    AN 1 Nov 20 agent213@fbi.gov (335) Hot Porn!

    [enter]

    Attachment: sexypix.htm.exe

    Damn, I can't run it.

    -Legion

  17. Re:Good luck... by Suidae · · Score: 2, Funny

    Hmm, you could also do something tricky like putting said BigFile on read only media (cdrom, dvd, or maybe a removable HD or HD with the read-only jumper soldered closed). Then take the media with you and keep data files on removable media.

    Install tamper-evident seals all over everything, install a decoy system, and a hidden silent intrusion detection system (all rather trivial to do really).

    Then reboot before entering a passphrase to foil network based attacks, and shut down and take all media with you when you leave. When the FBI breaks in to physically install a keylogger, they'll mistakenly bug the decoy system. If they figure that out, they'll find the tamper evident seals, and may have to come back later with duplicates. If they can circumvent those, they'll have tripped the silent intrusion detection system and been caught on hidden video camera, which will page you so you can check your house via the 802.11 link to your neighbor's cable modem. If necessary you can then use your bluetooth system to detonate stun grenades and flood the house with anesthetic gas.

    Anyway, you'll have been alerted to their poking around.

  18. Re:Legal? by Elvis+Maximus · · Score: 3, Funny
    "He that breaks a thing to find out what it is has left the path of wisdom."
    -- Gandalf the Grey

    "More importantly, he has violated the DMCA. Get him, boys!"
    -- Jack Valenti
    --

    -
    Give me liberty or give me something of equal or lesser value from your glossy 32-page catalog.

  19. I like that... by sluggie · · Score: 2, Funny

    I guess some todo lists are going to expand...

    7.30 get up
    8.00 go to work
    8.02 check email
    8.03 reverse engineer fbi trojan
    8.10 spy on everybody and his mother
    .
    .
    .
    18.30 be happy to be a l33t FB1 5upp0rt3d ha>0r

    nice...

  20. Re:How far will you let them go? by tswinzig · · Score: 3, Funny

    How many straws, America? How many?

    Just one more! I promise.

    --

    "And like that ... he's gone."
  21. And just look at the Version 2.0 features! by Anonymous Coward · · Score: 1, Funny

    * Code Red style propagation allows for very large scale deployment

    * Data sharing with DMV

    * Valutraq - advertising based on what is found on a subject's system.

    * Automatic Ministry Of Love dispatch in the event of Thought Crime (TM)

    * Tracking in devices attached to mobile phones with GPS support

    It's a great time to be alive.